PEM KeyStore Implementation
Anthony Scarpino
anthony.scarpino at oracle.com
Fri Sep 8 19:17:31 UTC 2023
Hi Karl
The keystore is interesting and may have some value. Was your use case
mostly reading PEM keys and certificates generated elsewhere for use
with a particular application, maybe webservers? Did you see value in
writing to this keystore from Java?
On the topic of PEM, I hope before the end of the year to have a PEM API
JEP. I would be interested in your API feedback from your keystore
experiences. I think if this keystore contribution was accepted, it
should wait so it can use that API.
thanks
Tony
On 9/1/23 12:15 PM, Karl Scheibelhofer wrote:
> Hi,
>
> Working with Java and the JCA KeyStore for decades, I came across
> many situations where I thought it would be convenient to be
> able to load private keys and certificates in PEM format directly
> using the KeyStore API. Without the need to convert them to PKCS#12/JKS.
>
> You can find my implementation of a PEM KeyStore in
> https://github.com/KarlScheibelhofer/java-crypto-tools.
>
> I wondered if it would make sense to integrate such an implementation
> in one of the standard providers of OpenJDK - like the SUN provider.
> What do you think?
>
> Best regards
>
> Karl
More information about the security-dev
mailing list